A French company must pay a Â¬10,000 (US$12,281) fine for failing to provide an employee with GPS data tracking the movements of his company vehicle, the French National Commission on Computing and Liberty (CNIL) announced Monday.
The man wanted the data in order to prove that a traffic accident in which he had been involved took place while he was on business for Equipements Nord Picardie, a regional water utility.
France has strict laws governing what personal data businesses may store on a computer, and provides that anyone may request a copy of data relating to them. Typically, access requests are made by persons wishing to correct or delete personal data held about them, two other rights enshrined in French law.
However, in this case, the man hoped to use the tracking data gathered by his employer to convince a court that he had been the victim of a workplace accident.
Eleven weeks after his initial request to his former employer, he complained to the CNIL, which asked the company to turn over the data four times over the following six months. Another month passed, still with no reply. The CNIL gave the company formal notice to turn over the data within two weeks, but it refused, saying the employee could consult the data in its office.
"Through its stalling tactics, the company took the risk of depriving the plaintiff of the possibility of accessing data, the storage of which was only guaranteed for six months after its recording," the CNIL said in its ruling, published Monday.
That could have left the employee without the means to prove to his health insurance provider that the accident had been sustained on company business.
In view of the company's procrastination and its refusal to provide the copy of the data required by law, the CNIL decided to impose a Â¬10,000 fine.
Peter Sayer covers open source software, European intellectual property legislation and general technology breaking news for IDG News Service. Send comments and news tips to Peter at email@example.com.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.